Sygate Personal FireWall Pro setting up 1st time

Discussion in 'other firewalls' started by FluxGFX, Apr 12, 2004.

Thread Status:
Not open for further replies.
  1. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    I've tried installing and configuring Sygate Personal FireWall Pro v5

    Now the problem I encounter after install is that nothing is communicating. I can see the outgoing traffic but no incoming.

    I've allowed the apps to access internet
    I've created rules for allow remote and local 67,68 rules both tcp and udp

    What am I missing... ?!

    DNS rules ?
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    You might find the solution for your problem here
     
  3. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
  4. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Already been there... haven't found anything of interest yet
     
  5. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
  6. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    What other security apps are you running?
    Do you have any other firewalls enabled, XP's or a router, etc.?

    Sygate usually works well with most apps, but it can get fussy with some other programs.

    The more information you can give us at the time of installing Sygate Pro, the better it will be to help determine what could be causing the inbound block.

    I have Sygate (free) myself and only ever had one problem with inbound being blocked, but that was because I had an older version (4) of Sygate and installed Port Explorer, which works only with Sygate 5 and up.

    One of our Firewall Experts will hopefully see your thread here and maybe they can offer more advice with the rule sets. I am sorry I cannot help with Advanced Rules as I only use Sygate's Application rules.

    Regards,

    snap
     
  7. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Your DHCP rules should only require UDP:
    Allow Inbound UDP local port 68, remote port 67
    Allow Outbound UDP local port 68, remote port 67

    DNS rules will be required and the ones that I use:
    Allow Inbound UDP, local ports 1024-5000, remote port 53, ISP's DNS servers.
    Allow Outbound TCP/UDP, local ports 1024-5000 remote port 53, ISP's DNS servers.

    Anything showing up in your logs as being blocked?

    Regards,

    CrazyM
     
    Last edited: Apr 12, 2004
  8. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    I'll try to set these values and get back to you ASAP
     
  9. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Crazy,

    I just did as you suggested.

    I've added DHCP and DNS rules

    Now my log windows only shows outgoing communication, no incoming and nothing blocked
     
  10. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Another example of DHCP/Bootp rules:

    UDP rules:
    Rule #14: 'Allow Bootpc'
    Allow All Addresses [68] <-- {DHCP Servers} [67] (LF)
    Rule #15: 'Allow Bootps'
    Allow All Addresses [68] --> 255.255.255.255/255.255.255.255 [67] (L)

    Another example of DNS rules:

    TCP rules:
    Rule #2: 'Allow DNS Servers'
    Allow My Address [1024-5000] --> {DNS Servers} [53] (F)

    UDP rules:
    Rule #13: 'Allow DNS Severs'
    Allow My Address [1024-5000] <-> {DNS Servers} [53] (F)

    Regards,

    CrazyM
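
The DHCP and DNS allow rules CrazyM lists above, modelled as a small first-match, default-deny evaluator and run against constructed packets. This is an added example, not part of the original thread and not Sygate's rule engine; the resolver address 203.0.113.53 is a placeholder (the thread masks the real ones), and the model is stateless, so it shows only what the listed rules permit on their own.

```python
from dataclasses import dataclass
from ipaddress import ip_address

# Constructed placeholder; the thread masks the real ISP resolver addresses.
DNS_SERVERS = frozenset({ip_address("203.0.113.53")})
EPHEMERAL = range(1024, 5001)   # "local ports 1024-5000", inclusive

@dataclass(frozen=True)
class Rule:
    name: str
    direction: str             # "in" or "out"
    protos: frozenset          # e.g. {"udp"} or {"tcp", "udp"}
    local_ports: range
    remote_ports: range
    remotes: frozenset = None  # None means any remote address

    def matches(self, direction, proto, local_port, remote_ip, remote_port):
        return (direction == self.direction and proto in self.protos
                and local_port in self.local_ports
                and remote_port in self.remote_ports
                and (self.remotes is None or ip_address(remote_ip) in self.remotes))

UDP, TCP_UDP = frozenset({"udp"}), frozenset({"tcp", "udp"})
RULES = [  # the four rules from the post, in the order given
    Rule("DHCP in", "in", UDP, range(68, 69), range(67, 68)),
    Rule("DHCP out", "out", UDP, range(68, 69), range(67, 68)),
    Rule("DNS in", "in", UDP, EPHEMERAL, range(53, 54), DNS_SERVERS),
    Rule("DNS out", "out", TCP_UDP, EPHEMERAL, range(53, 54), DNS_SERVERS),
]

def verdict(direction, proto, local_port, remote_ip, remote_port):
    """Return the name of the first matching allow rule, or 'BLOCK' (default deny)."""
    for rule in RULES:
        if rule.matches(direction, proto, local_port, remote_ip, remote_port):
            return rule.name
    return "BLOCK"

if __name__ == "__main__":
    samples = [  # constructed packets: (direction, proto, local port, remote IP, remote port)
        ("out", "udp", 68, "255.255.255.255", 67),  # DHCP discover broadcast
        ("in", "udp", 68, "192.168.55.254", 67),    # DHCP offer from the router
        ("out", "udp", 3021, "203.0.113.53", 53),   # DNS query to a listed resolver
        ("in", "udp", 3021, "203.0.113.53", 53),    # DNS reply from a listed resolver
        ("in", "udp", 3021, "198.51.100.9", 53),    # source port 53 but unlisted host
        ("in", "tcp", 3021, "203.0.113.53", 53),    # TCP from port 53: no inbound rule here
    ]
    for pkt in samples:
        print(pkt, "->", verdict(*pkt))
```

The last two samples fall through to the default deny: the address restriction is what stops arbitrary hosts from reaching the 1024-5000 range by sending from source port 53.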
     
  11. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    OK, you may need to clarify for me exactly what is not working. You are surfing, getting e-mail, etc. OK?

    Any other hardware/router in the loop?

    Regards,

    CrazyM
     
  12. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    I've done all the above. Not only trying to surf, ftp, mail, games, whatever requires the internet I do see the outgoing but no incoming.

    I have a router in the loop yes.

    UDP and TCP local 1024-5000 and remote 53 were setup
    DNS were inserted
    Gateway was inserted

    Gateway : 192.168.55.254
    DHCP : 192.168.55.254

    DNS servers :
    1 - 24.200.xxx.xxx
    2 - 24.200.xxx.xxx
    3 - 24.200.xxx.xxx

    Rules were created in this fashion
    Allow Inbound UDP local port 68, remote port 67
    Allow Outbound UDP local port 68, remote port 67

    Allow Inbound UDP, local ports 1024-5000, remote port 53, ISP's DNS servers.
    Allow Outbound TCP/UDP, local ports 1024-5000 remote port 53, ISP's DNS servers.
     
  13. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Does all of this outbound (surfing, etc.) work OK?

    With a router in the loop it will be dealing with the unsolicited inbound traffic and the software firewall on your system should not see any blocked inbound unless you have forwarded anything through the router.

    Regards,

    CrazyM
     
  14. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    All the outbound works perfectly

    I'm not forwarding anything through the router never needed to.
     
  15. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Then all is as it should be :)

    If you want to capture blocked inbounds, that will now depend on the logging capabilities of your router.

    Regards,

    CrazyM
     
  16. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Crazy I still can do squat though....

    Now I did a test and installed Kaspersky Anti-Hacker.... same problem occurs... what I'm thinking is that I previously tested Zone Alarm Pro... and I think some left over files are creating this havoc....
     
  17. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Perhaps I'm still not clear on your problem, what havoc o_O

    Regards,

    CrazyM
     
  18. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Problem was simple

    Cannot get net access in any shape or form with either Sygate, Kaspersky Anti-Hacker, LookNstop whatever the Firewall you name it.

    Now previously I had ZA PRO installed. I'm starting to think that there has been some leftover files... which when another FW software is installed I get screwed...
     
  19. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Thought you indicated outbound was working perfectly and that surfing etc. was fine.

    Are you saying you have no internet access with any of these firewalls?

    Regards,

    CrazyM
     
  20. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    With any firewall configured as they should I have no net access.

    Removing old and obsolete files left by ZAP Pro I was able to gain access to the internet after a reboot and installed Looknstop default out of the box and was able to surf, email etc.

    Uninstalled LnS, rebooted, installed Sygate, rebooted, configured, net access is not possible

    Uninstalled Sygate, rebooted, net access was restored.
    Install Kaspersky Anti-Hacker rebooted, no net access possible, uninstall Kaspersky Anti-Hacker, rebooted, net access restored.

    Install ZA PRO again, rebooted, net access still working

    So therefore for some reason Sygate and Kaspersky are blocking me completely from accessing the net.

    Either Looknstop and ZA Pro are working fine and setup correctly.

    Now what the hell am I doing wrong ?
     
  21. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    OK, I think we are on the same page now :)

    Would appear to have started after removing LnS, would that be correct?

    Did LnS leave anything behind after the install that could be conflicting with Sygate and Kaspersky? You might want to check for any registry entries or drivers that may not have been uninstalled properly.

    What time frame have you been doing this testing over? If you are running XP you may want to consider a restore point prior to all this.

    Regards,

    CrazyM
     
  22. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Hey Crazy,

    I just got fed up and took out my ghost and reloaded the system from my last backup.

    It would appear that the problem was caused by vsmon.dll from ZA Pro which is left on the PC after uninstall and reboot. It keeps running even though it's not listed in the service. With that it creates a conflict. Also noticed a memory leak in Zone Alarm Pro v5 build 2525, high cpu usage and sudden memory drop.

    Will reinstall LnS or Sygate later on this evening.
     